- A 100GB text file containing 8.4 billion passwords was recently posted anonymously to a hacker forum
- Dubbed RockYou2021, a hat tip to the RockYou breach of 2009, it's the largest known data leak to date
- RockYou2021 comes months after more than 3.2 billion credentials were posted in the Compilation of Many Breaches (COMB) leak
- Like COMB, RockYou2021 contains data from many previous leaks
- CyberNews warned that due to the large number of unique passwords in this breach, threat actors can "mount password dictionary and password spraying attacks" against online accounts
- Password spraying is using the same password on many accounts and cycling through accounts until a password works
- The Verizon Data Breach Investigations Report says compromised passwords are responsible for 81% of hacking-related breaches
- Many security experts recommend changing your passwords as a result of this leak
- As we spend more time online, managing an ever-increasing number of passwords can be overwhelming. It even has a name: "password anxiety"
- In light of increasing cyberattacks, good password hygiene has never been more important
- Here are some tips:
- Never reuse passwords
- Use a strong, unique password for every account
- Strong password: A minimum of 8 characters, numbers and symbols. Longer is better. Learn about NIST guidelines here: https://auth0.com/blog/dont-pass-on-the-new-nist-password-guidelines/
- Even better, use a phrase that will be easy to remember but hard to crack or guess. For example: IL0v3L0c@l12N3ws!
- Use a password manager to create and manage strong passwords and minimize password anxiety
- Easily create and manage strong passwords for all accounts
- Only need to know one strong passphrase: the one for your password manager account
- Easily change passwords when necessary
- Easily manage passwords and logins across multiple devices
- Enable Multi-factor authentication (MFA), aka Two-factor authentication (2FA) or Two-Step Verification for all accounts, especially your password manager.
- Use a site like haveibeenpwned.com to see if your credentials have shown up in any breaches. If so, immediately change your password(s)
- Use Dark Web monitoring to proactively check for your credentials in data breaches